Bugzilla – Bug 1023051
VUL-1: CVE-2016-3695: kernel-source: Error injection via EINJ is allowed when securelevel is enabled
Last modified: 2022-12-23 15:01:59 UTC
Somebody digged out an older security implication with ACPI error injection. It was found that EINJ, error injection mechanism, is allowed even if securelevel, a prevention from userspace performing actions that undermine trust in the platform, is enabled. This can have undesirable side-effects, such as causing the platform to mark hardware as needing replacement. Upstream Patch: https://github.com/mjg59/linux/commit/d7a6be58edc01b1c66ecd8fcc91236bfbce0a420 References: https://bugzilla.redhat.com/show_bug.cgi?id=1322755 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3695 Acknowledgments: Linn Crosetto (HP)
bugbot adjusting priority
SUSE-SU-2017:2342-1: An update that solves 44 vulnerabilities and has 135 fixes is now available. Category: security (important) Bug References: 1003077,1005651,1008374,1008850,1008893,1012422,1013018,1013070,1013800,1013862,1016489,1017143,1018074,1018263,1018446,1019168,1020229,1021256,1021913,1022971,1023014,1023051,1023163,1023888,1024508,1024788,1024938,1025235,1025702,1026024,1026260,1026722,1026914,1027066,1027101,1027178,1027565,1028372,1028415,1028880,1029140,1029212,1029770,1029850,1030213,1030552,1030573,1030593,1030814,1031003,1031052,1031440,1031579,1032141,1032340,1032471,1033287,1033336,1033771,1033794,1033804,1033816,1034026,1034670,1035576,1035777,1035920,1036056,1036288,1036629,1037182,1037183,1037191,1037193,1037227,1037232,1037233,1037356,1037358,1037359,1037441,1038544,1038879,1038981,1038982,1039258,1039348,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1040351,1041160,1041431,1041762,1041975,1042045,1042200,1042615,1042633,1042687,1042832,1043014,1043234,1043935,1044015,1044125,1044216,1044230,1044854,1044882,1044913,1044985,1045154,1045340,1045356,1045406,1045416,1045525,1045538,1045547,1045615,1046107,1046122,1046192,1046715,1047027,1047053,1047343,1047354,1047487,1047523,1047653,1048185,1048221,1048232,1048275,1049483,1049603,1049688,1049882,1050154,1050431,1051478,1051515,1051770,784815,792863,799133,870618,909486,909618,911105,919382,928138,931620,938352,943786,948562,962257,970956,971975,972891,979021,982783,983212,985561,986362,986365,986924,988065,989056,990682,991651,995542,999245 CVE References: CVE-2014-9922,CVE-2015-3288,CVE-2015-8970,CVE-2016-10200,CVE-2016-2188,CVE-2016-4997,CVE-2016-4998,CVE-2016-5243,CVE-2016-7117,CVE-2017-1000363,CVE-2017-1000364,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-11176,CVE-2017-11473,CVE-2017-2636,CVE-2017-2647,CVE-2017-2671,CVE-2017-5669,CVE-2017-5970,CVE-2017-5986,CVE-2017-6074,CVE-2017-6214,CVE-2017-6348,CVE-2017-6353,CVE-2017-6951,CVE-2017-7184,CVE-2017-7187,CVE-2017-7261,CVE-2017-7294,CVE-2017-7308,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-7616,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242 Sources used: SUSE Linux Enterprise Real Time Extension 11-SP4 (src): kernel-rt-3.0.101.rt130-69.5.1, kernel-rt_trace-3.0.101.rt130-69.5.1, kernel-source-rt-3.0.101.rt130-69.5.1, kernel-syms-rt-3.0.101.rt130-69.5.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-rt-3.0.101.rt130-69.5.1, kernel-rt_debug-3.0.101.rt130-69.5.1, kernel-rt_trace-3.0.101.rt130-69.5.1
SUSE-SU-2017:2389-1: An update that solves 21 vulnerabilities and has 92 fixes is now available. Category: security (important) Bug References: 1000365,1000380,1012422,1013018,1015452,1023051,1029140,1029850,1030552,1030593,1030814,1032340,1032471,1034026,1034670,1035576,1035721,1035777,1035920,1036056,1036288,1036629,1037191,1037193,1037227,1037232,1037233,1037356,1037358,1037359,1037441,1038544,1038879,1038981,1038982,1039258,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1040351,1041160,1041431,1041762,1041975,1042045,1042615,1042633,1042687,1042832,1042863,1043014,1043234,1043935,1044015,1044125,1044216,1044230,1044854,1044882,1044913,1045154,1045356,1045416,1045479,1045487,1045525,1045538,1045547,1045615,1046107,1046192,1046715,1047027,1047053,1047343,1047354,1047487,1047523,1047653,1048185,1048221,1048232,1048275,1049128,1049483,1049603,1049688,1049882,1050154,1050431,1051478,1051515,1051770,1055680,784815,792863,799133,909618,919382,928138,938352,943786,948562,962257,971975,972891,986924,990682,995542 CVE References: CVE-2014-9922,CVE-2016-10277,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-11176,CVE-2017-11473,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): kernel-docs-3.0.101-108.7.2 SUSE Linux Enterprise Server 11-SP4 (src): kernel-bigmem-3.0.101-108.7.1, kernel-default-3.0.101-108.7.1, kernel-ec2-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-source-3.0.101-108.7.1, kernel-syms-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-default-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1 SUSE Linux Enterprise Real Time Extension 11-SP4 (src): cluster-network-1.4-2.32.2.14, drbd-kmp-8.4.4-0.27.2.13, gfs2-2-0.24.2.14, ocfs2-1.6-0.28.3.4 SUSE Linux Enterprise High Availability Extension 11-SP4 (src): cluster-network-1.4-2.32.2.14, drbd-8.4.4-0.27.2.1, drbd-kmp-8.4.4-0.27.2.13, gfs2-2-0.24.2.14, ocfs2-1.6-0.28.3.4 SUSE Linux Enterprise Debuginfo 11-SP4 (src): drbd-8.4.4-0.27.2.1, kernel-bigmem-3.0.101-108.7.1, kernel-default-3.0.101-108.7.1, kernel-ec2-3.0.101-108.7.1, kernel-pae-3.0.101-108.7.1, kernel-ppc64-3.0.101-108.7.1, kernel-trace-3.0.101-108.7.1, kernel-xen-3.0.101-108.7.1
SUSE-SU-2017:2525-1: An update that solves 40 vulnerabilities and has 44 fixes is now available. Category: security (important) Bug References: 1006919,1012422,1013862,1017143,1020229,1021256,1023051,1024938,1025013,1025235,1026024,1026722,1026914,1027066,1027101,1027178,1027179,1027406,1028415,1028880,1029212,1029850,1030213,1030573,1030575,1030593,1031003,1031052,1031440,1031481,1031579,1031660,1033287,1033336,1034670,1034838,1035576,1037182,1037183,1037994,1038544,1038564,1038879,1038883,1038981,1038982,1039349,1039354,1039456,1039594,1039882,1039883,1039885,1040069,1041431,1042364,1042863,1042892,1044125,1045416,1045487,1046107,1048232,1048275,1049483,1049603,1049882,1050677,1052311,1053148,1053152,1053760,1056588,870618,948562,957988,957990,963655,972891,979681,983212,986924,989896,999245 CVE References: CVE-2016-10200,CVE-2016-5243,CVE-2017-1000112,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-11473,CVE-2017-12762,CVE-2017-14051,CVE-2017-2647,CVE-2017-2671,CVE-2017-5669,CVE-2017-5970,CVE-2017-5986,CVE-2017-6074,CVE-2017-6214,CVE-2017-6348,CVE-2017-6353,CVE-2017-6951,CVE-2017-7184,CVE-2017-7187,CVE-2017-7261,CVE-2017-7294,CVE-2017-7308,CVE-2017-7482,CVE-2017-7487,CVE-2017-7533,CVE-2017-7542,CVE-2017-7616,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242 Sources used: SUSE Linux Enterprise Server 11-SP3-LTSS (src): kernel-bigsmp-3.0.101-0.47.106.5.1, kernel-default-3.0.101-0.47.106.5.1, kernel-ec2-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-source-3.0.101-0.47.106.5.1, kernel-syms-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-bigsmp-3.0.101-0.47.106.5.1, kernel-default-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): kernel-default-3.0.101-0.47.106.5.1, kernel-ec2-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-source-3.0.101-0.47.106.5.1, kernel-syms-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): kernel-bigsmp-3.0.101-0.47.106.5.1, kernel-default-3.0.101-0.47.106.5.1, kernel-ec2-3.0.101-0.47.106.5.1, kernel-pae-3.0.101-0.47.106.5.1, kernel-trace-3.0.101-0.47.106.5.1, kernel-xen-3.0.101-0.47.106.5.1
released
For unknown reason, kernel mainline's lockdown patchset doesn't include this patch against CVE-2016-3695. I have sent mail for checking the reason but didn't receive any response: https://lore.kernel.org/lkml/20180111115915.dejachty3l7fwpmf@dwarf.suse.cz/T/ I reopened this bug and will port patch to new SLE kernels for locking down EINJ.
Thanks Joey for your help! So the new assessment would be: Patch missing: - cve/linux-3.0 - cve/linux-5.3 - SLE15-SP4-GA - SLE15-SP4 - SLE15-SP3 - stable (So only cve/linux-4.4 seems to contain the patch) These branches contain a different patch [0] that does something similar, should be okay imo: - cve/linux-4.12 - SLE12-SP5 [0] https://lore.kernel.org/linux-security-module/20190325220954.29054-17-matthewgarrett@google.com/
Kernel upstream still didn't give any response: https://lore.kernel.org/lkml/151024863544.28329.2436580122759221600.stgit@warthog.procyon.org.uk/T/
Thanks for Hu and Borislav's suggestion. I agree this issue is minor and can be avoided by removing the einj.ko module because it's only for debugging. I set this issue to WONFIX. If upstream merged patch then we can reopen it.
I think it violates secure boot constraints? if root is able to load the module and can bypass secure boot this is a bug we need to fix to keep secure boot promise. a solution can be to remove the module from our kernel.
Hmm, it's an interesting point. Strictly speaking, dropping the einj module from the next update kernel or apply the patch to einj wouldn't cover corner cases. Since we've already shipped the (signed) einj module with the older kernel and it'll keep working with the future kernel thanks to kABI compatibility, an attacker can just use the old module.
we rotated the secure boot key just now to handle such cases... unfortunately most kernels are already released with the new key, excepting 15-sp4 (and 15-sp3).
Given the severity is not high it is probably OK to disable the module until upstream fix is provided. It is possible to load old module with the bug but that's the case for many other bugs.
OK! I will disable EINJ module in kernel first.
No, not disable - put it in the extra package or so.
I believe that we need to either patch or completely drop (disable). Even if we put the module to *-extra, it's still signed with the proper SLE key, hence anyone can use it as long as it's shipped no matter in which package.
1. It is a supported module: $ grep einj supported.conf drivers/acpi/apei/einj # APEI (ACPI Platform Error Interface) 2. The injection interface is root-only: $ ls -al /sys/kernel/debug/apei/einj total 0 drwxr-xr-x 2 root root 0 Jun 23 17:08 . drwxr-xr-x 3 root root 0 Jun 23 17:08 .. -r-------- 1 root root 0 Jun 23 17:08 available_error_type --w------- 1 root root 0 Jun 23 17:08 error_inject -rw------- 1 root root 0 Jun 23 17:08 error_type -rw------- 1 root root 0 Jun 23 17:08 flags -rw------- 1 root root 0 Jun 23 17:08 notrigger -rw------- 1 root root 0 Jun 23 17:08 param1 -rw------- 1 root root 0 Jun 23 17:08 param2 -rw------- 1 root root 0 Jun 23 17:08 param3 -rw------- 1 root root 0 Jun 23 17:08 param4 -r-------- 1 root root 0 Jun 23 17:08 vendor -rw------- 1 root root 0 Jun 23 17:08 vendor_flags so if the attacker has root, that's the last thing he'll use. 3. Also, if you disable it, you need to run it through jira in order to defeature it and you'd have to explain customers why we're disabling the only usable error injection functionality on modern systems. So no, you don't want to disable it.
Why not take another option, just forward-port the downstream patch (to disable EINJ under secure boot)? You can disable the module for TW if a downstream patch matters, instead; but for SLE, it looks not too bad in the end, as the code change it self is fairly trivial.
Why would you do *anything* *at* *all*?! As shown, you need to be root to do the injection... Also, I'm not buying the "justification" of that original HP patch one bit. "This can have undesirable side-effects, such as causing the platform to mark hardware as needing replacement." So don't do that then. Don't log in as root and don't do error injection. You don't want to do that on production machines anyway.
(In reply to Borislav Petkov from comment #25) > Why would you do *anything* *at* *all*?! > > As shown, you need to be root to do the injection... ... and root is not trusted from secure boot POV. That's why we had to lock down many other features that could be operated only by root, too.
If you mean this security lockdown thing where you protect even root from shooting its own foot I still think it's silly. But whatever.
Yeah, I fully agree with "silly but...", too :) I'm not against challenging to dispute this CVE, but my gut feeling is that patching would be an easier path.
The following kernel already have patch: - cve/linux-3.0 SLE11-SP3-TD [OK] SLE11-SP4-LTSS [OK] - cve/linux-4.12 [OK] And, I have backported patch to the following kernels and waiting the patch be merged: - cve/linux-5.3 - SLE15-SP4 - stable
Joey, anything new here wrt upstream? Otherwise AFAIU other code streams are handled...
SUSE-SU-2022:3264-1: An update that solves 15 vulnerabilities, contains one feature and has 61 fixes is now available. Category: security (important) Bug References: 1023051,1065729,1156395,1179722,1179723,1181862,1191662,1191667,1191881,1192594,1192968,1194272,1194535,1197158,1197755,1197756,1197757,1197760,1197763,1197920,1198971,1199291,1200431,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201420,1201610,1201705,1201726,1201948,1202096,1202097,1202346,1202347,1202393,1202396,1202447,1202564,1202577,1202636,1202672,1202701,1202708,1202709,1202710,1202711,1202712,1202713,1202714,1202715,1202716,1202717,1202718,1202720,1202722,1202745,1202756,1202810,1202811,1202860,1202895,1202898,1203063,1203098,1203107,1203116,1203117,1203135,1203136,1203137 CVE References: CVE-2016-3695,CVE-2020-27784,CVE-2021-4155,CVE-2021-4203,CVE-2022-20368,CVE-2022-20369,CVE-2022-2588,CVE-2022-26373,CVE-2022-2663,CVE-2022-2905,CVE-2022-2977,CVE-2022-3028,CVE-2022-36879,CVE-2022-39188,CVE-2022-39190 JIRA References: SLE-24635 Sources used: openSUSE Leap Micro 5.2 (src): kernel-default-5.3.18-150300.59.93.1, kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1 openSUSE Leap 15.4 (src): dtb-aarch64-5.3.18-150300.59.93.1 openSUSE Leap 15.3 (src): dtb-aarch64-5.3.18-150300.59.93.1, kernel-64kb-5.3.18-150300.59.93.1, kernel-debug-5.3.18-150300.59.93.1, kernel-default-5.3.18-150300.59.93.1, kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1, kernel-docs-5.3.18-150300.59.93.1, kernel-kvmsmall-5.3.18-150300.59.93.1, kernel-obs-build-5.3.18-150300.59.93.1, kernel-obs-qa-5.3.18-150300.59.93.1, kernel-preempt-5.3.18-150300.59.93.1, kernel-source-5.3.18-150300.59.93.1, kernel-syms-5.3.18-150300.59.93.1, kernel-zfcpdump-5.3.18-150300.59.93.1 SUSE Linux Enterprise Workstation Extension 15-SP3 (src): kernel-default-5.3.18-150300.59.93.1, kernel-preempt-5.3.18-150300.59.93.1 SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-150300.59.93.1, kernel-livepatch-SLE15-SP3_Update_24-1-150300.7.3.1 SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src): kernel-default-5.3.18-150300.59.93.1 SUSE Linux Enterprise Module for Development Tools 15-SP3 (src): kernel-docs-5.3.18-150300.59.93.1, kernel-obs-build-5.3.18-150300.59.93.1, kernel-preempt-5.3.18-150300.59.93.1, kernel-source-5.3.18-150300.59.93.1, kernel-syms-5.3.18-150300.59.93.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): kernel-64kb-5.3.18-150300.59.93.1, kernel-default-5.3.18-150300.59.93.1, kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1, kernel-preempt-5.3.18-150300.59.93.1, kernel-source-5.3.18-150300.59.93.1, kernel-zfcpdump-5.3.18-150300.59.93.1 SUSE Linux Enterprise Micro 5.2 (src): kernel-default-5.3.18-150300.59.93.1, kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-default-5.3.18-150300.59.93.1, kernel-default-base-5.3.18-150300.59.93.1.150300.18.54.1 SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-150300.59.93.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3288-1: An update that solves 25 vulnerabilities, contains four features and has 91 fixes is now available. Category: security (important) Bug References: 1023051,1032323,1065729,1156395,1189999,1190497,1192968,1194592,1194869,1194904,1195480,1195917,1196616,1197158,1197391,1197755,1197756,1197757,1197763,1198410,1198577,1198702,1198971,1199356,1199515,1200301,1200313,1200431,1200544,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201361,1201442,1201455,1201489,1201610,1201726,1201768,1201865,1201940,1201948,1201956,1202094,1202096,1202097,1202113,1202131,1202154,1202262,1202265,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202564,1202623,1202636,1202672,1202681,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202872,1202898,1202989,1203036,1203041,1203063,1203098,1203107,1203117,1203138,1203139,1203159 CVE References: CVE-2016-3695,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-1184,CVE-2022-20368,CVE-2022-20369,CVE-2022-2585,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2977,CVE-2022-3028,CVE-2022-3078,CVE-2022-36879,CVE-2022-36946,CVE-2022-39188,CVE-2022-39190 JIRA References: SLE-19359,SLE-23766,SLE-24572,SLE-24682 Sources used: openSUSE Leap 15.4 (src): kernel-azure-5.14.21-150400.14.13.1, kernel-source-azure-5.14.21-150400.14.13.1, kernel-syms-azure-5.14.21-150400.14.13.1 SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src): kernel-azure-5.14.21-150400.14.13.1, kernel-source-azure-5.14.21-150400.14.13.1, kernel-syms-azure-5.14.21-150400.14.13.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3293-1: An update that solves 23 vulnerabilities, contains 5 features and has 88 fixes is now available. Category: security (important) Bug References: 1023051,1032323,1065729,1156395,1190497,1194592,1194869,1194904,1195480,1195917,1196616,1197158,1197391,1197755,1197756,1197757,1197763,1198410,1198971,1199086,1199364,1199670,1200313,1200431,1200465,1200544,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201768,1201940,1201956,1201958,1202096,1202097,1202113,1202131,1202154,1202262,1202265,1202312,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202564,1202623,1202636,1202672,1202681,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202874,1202898,1203036,1203041,1203063,1203107,1203117,1203138,1203139,1203159 CVE References: CVE-2016-3695,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-20368,CVE-2022-20369,CVE-2022-2588,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2977,CVE-2022-3028,CVE-2022-3078,CVE-2022-32250,CVE-2022-36879,CVE-2022-36946,CVE-2022-39188,CVE-2022-39190 JIRA References: SLE-18130,SLE-19359,SLE-20183,SLE-23766,SLE-24572 Sources used: openSUSE Leap 15.4 (src): dtb-aarch64-5.14.21-150400.24.21.1, kernel-64kb-5.14.21-150400.24.21.2, kernel-debug-5.14.21-150400.24.21.2, kernel-default-5.14.21-150400.24.21.2, kernel-default-base-5.14.21-150400.24.21.2.150400.24.7.2, kernel-docs-5.14.21-150400.24.21.3, kernel-kvmsmall-5.14.21-150400.24.21.2, kernel-obs-build-5.14.21-150400.24.21.2, kernel-obs-qa-5.14.21-150400.24.21.1, kernel-source-5.14.21-150400.24.21.2, kernel-syms-5.14.21-150400.24.21.1, kernel-zfcpdump-5.14.21-150400.24.21.2 SUSE Linux Enterprise Workstation Extension 15-SP4 (src): kernel-default-5.14.21-150400.24.21.2 SUSE Linux Enterprise Module for Live Patching 15-SP4 (src): kernel-default-5.14.21-150400.24.21.2, kernel-livepatch-SLE15-SP4_Update_3-1-150400.9.3.2 SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src): kernel-default-5.14.21-150400.24.21.2 SUSE Linux Enterprise Module for Development Tools 15-SP4 (src): kernel-docs-5.14.21-150400.24.21.3, kernel-obs-build-5.14.21-150400.24.21.2, kernel-source-5.14.21-150400.24.21.2, kernel-syms-5.14.21-150400.24.21.1 SUSE Linux Enterprise Module for Basesystem 15-SP4 (src): kernel-64kb-5.14.21-150400.24.21.2, kernel-default-5.14.21-150400.24.21.2, kernel-default-base-5.14.21-150400.24.21.2.150400.24.7.2, kernel-source-5.14.21-150400.24.21.2, kernel-zfcpdump-5.14.21-150400.24.21.2 SUSE Linux Enterprise High Availability 15-SP4 (src): kernel-default-5.14.21-150400.24.21.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3450-1: An update that solves 20 vulnerabilities and has 8 fixes is now available. Category: security (important) Bug References: 1023051,1180153,1188944,1191881,1192968,1194272,1194535,1196616,1197158,1199482,1199665,1201726,1201948,1202096,1202097,1202154,1202346,1202347,1202393,1202396,1202564,1202672,1202860,1202895,1202898,1203098,1203107,1203159 CVE References: CVE-2016-3695,CVE-2020-27784,CVE-2020-36516,CVE-2021-4155,CVE-2021-4203,CVE-2022-1012,CVE-2022-20166,CVE-2022-20368,CVE-2022-20369,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-2905,CVE-2022-29581,CVE-2022-2977,CVE-2022-3028,CVE-2022-32250,CVE-2022-36879,CVE-2022-39188 JIRA References: Sources used: SUSE Manager Server 4.1 (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Manager Retail Branch Server 4.1 (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Manager Proxy 4.1 (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-150200.24.129.1, kernel-livepatch-SLE15-SP2_Update_30-1-150200.5.3.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-150200.24.129.1 SUSE Enterprise Storage 7 (src): kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Do we miss a fix in any branch yet? Otherwise let's reassign back to security team.
SUSE-SU-2022:3609-1: An update that solves 26 vulnerabilities, contains two features and has 89 fixes is now available. Category: security (important) Bug References: 1023051,1065729,1156395,1177471,1179722,1179723,1181862,1185032,1191662,1191667,1191881,1192594,1194023,1194272,1194535,1196444,1196616,1196867,1197158,1197659,1197755,1197756,1197757,1197760,1197763,1197920,1198971,1199255,1199291,1200084,1200313,1200431,1200622,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201309,1201310,1201420,1201442,1201489,1201610,1201645,1201705,1201726,1201865,1201948,1201990,1202095,1202096,1202097,1202154,1202341,1202346,1202347,1202385,1202393,1202396,1202447,1202577,1202636,1202672,1202677,1202701,1202708,1202709,1202710,1202711,1202712,1202713,1202714,1202715,1202716,1202717,1202718,1202720,1202722,1202745,1202756,1202810,1202811,1202860,1202895,1202898,1202960,1202984,1203063,1203098,1203107,1203116,1203117,1203135,1203136,1203137,1203159,1203313,1203389,1203410,1203424,1203552,1203622,1203737,1203769,1203906,1203909,1203933,1203935,1203939,1203987,1203992 CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-27784,CVE-2020-36516,CVE-2021-4155,CVE-2021-4203,CVE-2022-20368,CVE-2022-20369,CVE-2022-2503,CVE-2022-2586,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-2905,CVE-2022-2977,CVE-2022-3028,CVE-2022-3239,CVE-2022-3303,CVE-2022-36879,CVE-2022-39188,CVE-2022-39190,CVE-2022-41218,CVE-2022-41222,CVE-2022-41848,CVE-2022-41849 JIRA References: PED-529,SLE-24635 Sources used: openSUSE Leap 15.3 (src): kernel-azure-5.3.18-150300.38.80.1, kernel-source-azure-5.3.18-150300.38.80.1, kernel-syms-azure-5.3.18-150300.38.80.1 SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src): kernel-azure-5.3.18-150300.38.80.1, kernel-source-azure-5.3.18-150300.38.80.1, kernel-syms-azure-5.3.18-150300.38.80.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3809-1: An update that solves 32 vulnerabilities, contains two features and has 84 fixes is now available. Category: security (important) Bug References: 1023051,1065729,1152489,1156395,1177471,1179722,1179723,1181862,1185032,1191662,1191667,1191881,1192594,1194023,1194272,1194535,1196444,1197158,1197659,1197755,1197756,1197757,1197760,1197763,1197920,1198971,1199291,1200288,1200313,1200431,1200622,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201309,1201310,1201420,1201489,1201610,1201705,1201726,1201865,1201948,1201990,1202095,1202096,1202097,1202341,1202346,1202347,1202385,1202393,1202396,1202447,1202577,1202636,1202638,1202672,1202677,1202701,1202708,1202709,1202710,1202711,1202712,1202713,1202714,1202715,1202716,1202717,1202718,1202720,1202722,1202745,1202756,1202810,1202811,1202860,1202895,1202898,1202960,1202984,1203063,1203098,1203107,1203117,1203135,1203136,1203137,1203159,1203290,1203389,1203410,1203424,1203514,1203552,1203622,1203737,1203769,1203770,1203802,1203906,1203909,1203935,1203939,1203987,1203992,1204051,1204059,1204060,1204125 CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-27784,CVE-2021-4155,CVE-2021-4203,CVE-2022-20368,CVE-2022-20369,CVE-2022-2503,CVE-2022-2586,CVE-2022-2588,CVE-2022-26373,CVE-2022-2663,CVE-2022-2905,CVE-2022-2977,CVE-2022-3028,CVE-2022-3169,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-36879,CVE-2022-39188,CVE-2022-39190,CVE-2022-40768,CVE-2022-41218,CVE-2022-41222,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722 JIRA References: PED-529,SLE-24635 Sources used: openSUSE Leap Micro 5.2 (src): kernel-rt-5.3.18-150300.106.1 SUSE Linux Enterprise Module for Realtime 15-SP3 (src): kernel-rt-5.3.18-150300.106.1, kernel-rt_debug-5.3.18-150300.106.1, kernel-source-rt-5.3.18-150300.106.1, kernel-syms-rt-5.3.18-150300.106.1 SUSE Linux Enterprise Micro 5.2 (src): kernel-rt-5.3.18-150300.106.1 SUSE Linux Enterprise Micro 5.1 (src): kernel-rt-5.3.18-150300.106.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Joey, this bug (CVE-2016-3695) isn't referred in any cve/* branches. Was a fix really pushed and merged?
(In reply to Takashi Iwai from comment #42) > Joey, this bug (CVE-2016-3695) isn't referred in any cve/* branches. > Was a fix really pushed and merged? I found the fix in cve/linux-5.3, but missing in older releases.
SUSE-SU-2022:4617-1: An update that solves 96 vulnerabilities, contains 50 features and has 246 fixes is now available. Category: security (important) Bug References: 1023051,1032323,1065729,1071995,1152472,1152489,1156395,1164051,1177471,1184350,1185032,1188238,1189297,1189999,1190256,1190497,1190969,1192968,1193629,1194023,1194592,1194869,1194904,1195480,1195917,1196018,1196444,1196616,1196632,1196867,1196869,1197158,1197391,1197659,1197755,1197756,1197757,1197763,1198189,1198410,1198577,1198702,1198971,1199086,1199364,1199515,1199670,1199904,1200015,1200058,1200268,1200288,1200301,1200313,1200431,1200465,1200494,1200544,1200567,1200622,1200644,1200651,1200692,1200788,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201309,1201310,1201361,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201726,1201768,1201865,1201940,1201941,1201948,1201954,1201956,1201958,1202095,1202096,1202097,1202113,1202131,1202154,1202187,1202262,1202265,1202312,1202341,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202623,1202636,1202672,1202681,1202685,1202686,1202700,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202872,1202874,1202898,1202914,1202960,1202989,1202992,1202993,1203002,1203008,1203036,1203039,1203041,1203063,1203066,1203067,1203098,1203101,1203107,1203116,1203117,1203138,1203139,1203159,1203183,1203197,1203208,1203229,1203263,1203290,1203338,1203360,1203361,1203389,1203391,1203410,1203435,1203505,1203511,1203514,1203552,1203606,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203802,1203829,1203893,1203902,1203906,1203908,1203922,1203935,1203939,1203960,1203969,1203987,1203992,1203994,1204017,1204051,1204059,1204060,1204092,1204125,1204132,1204142,1204166,1204168,1204170,1204171,1204183,1204228,1204241,1204289,1204290,1204291,1204292,1204353,1204354,1204355,1204402,1204405,1204413,1204414,1204415,1204417,1204424,1204428,1204431,1204432,1204439,1204470,1204479,1204486,1204498,1204533,1204569,1204574,1204575,1204576,1204619,1204624,1204631,1204635,1204636,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204745,1204753,1204780,1204810,1204850,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205257,1205264,1205282,1205313,1205331,1205332,1205427,1205428,1205473,1205496,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207,1206273,1206391 CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-1184,CVE-2022-1263,CVE-2022-1882,CVE-2022-20368,CVE-2022-20369,CVE-2022-2153,CVE-2022-2586,CVE-2022-2588,CVE-2022-2602,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-28748,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2964,CVE-2022-2977,CVE-2022-2978,CVE-2022-3028,CVE-2022-3078,CVE-2022-3114,CVE-2022-3169,CVE-2022-3176,CVE-2022-3202,CVE-2022-32250,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3566,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3635,CVE-2022-3640,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3707,CVE-2022-3903,CVE-2022-39188,CVE-2022-39189,CVE-2022-39190,CVE-2022-40476,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-4129,CVE-2022-4139,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934 JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1573,PED-1649,PED-1706,PED-1936,PED-2684,PED-387,PED-529,PED-611,PED-634,PED-652,PED-664,PED-676,PED-678,PED-679,PED-682,PED-688,PED-707,PED-720,PED-729,PED-732,PED-755,PED-763,PED-813,PED-817,PED-822,PED-824,PED-825,PED-833,PED-842,PED-846,PED-849,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-18130,SLE-19359,SLE-19924,SLE-20183,SLE-23766,SLE-24572,SLE-24682,SLE-24814,SLE-9246 Sources used: openSUSE Leap Micro 5.3 (src): kernel-rt-5.14.21-150400.15.5.1 openSUSE Leap 15.4 (src): kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1 SUSE Linux Enterprise Module for Realtime 15-SP4 (src): kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1 SUSE Linux Enterprise Module for Live Patching 15-SP4 (src): kernel-livepatch-SLE15-SP4-RT_Update_1-1-150400.1.3.1 SUSE Linux Enterprise Micro 5.3 (src): kernel-rt-5.14.21-150400.15.5.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.